hassio-addons/addon-wireguard
1
0
Fork 0
mirror of https://github.com/hassio-addons/addon-wireguard.git synced 2025-05-04 19:01:31 +00:00
Code Issues Projects Releases Packages Wiki Activity

Adds support for all WireGuard options

Browse source
This commit is contained in:
Franck Nijhof 2019-08-29 12:54:05 +02:00
parent c42bd30cb7
commit 13b6047511
No known key found for this signature in database
GPG key ID: D62583BA8AB11CA3
2 changed files with 38 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

10
wireguard/config.json
View file

@ -60,8 +60,13 @@
"dns": ["str"], "dns": ["str"],
"private_key": "str?", "private_key": "str?",
"public_key": "str?", "public_key": "str?",
"fwmark": "str?",
"table": "str?",
"pre_up": "str?",
"pre_down": "str?",
"post_up": "str?", "post_up": "str?",
"post_down": "str?" "post_down": "str?",
"mtu": "int?"
}, },
"peers": [ "peers": [
{ {
@ -73,7 +78,8 @@
"client_allowed_ips": ["str"], "client_allowed_ips": ["str"],
"persistent_keep_alive": "int?", "persistent_keep_alive": "int?",
"endpoint": "str?", "endpoint": "str?",
"pre_shared_key": "str?" "pre_shared_key": "str?",
"fwmark": "str?"
} }
] ]
} }

34
wireguard/rootfs/etc/cont-init.d/config.sh
View file

@ -3,25 +3,30 @@
# Community Hass.io Add-ons: WireGuard # Community Hass.io Add-ons: WireGuard
# Creates the interface configuration # Creates the interface configuration
# ============================================================================== # ==============================================================================
readonly CONFIG="/etc/wireguard/wg0.conf"
declare -a list declare -a list
declare addresses declare addresses
declare allowed_ips declare allowed_ips
declare config
declare config_dir declare config_dir
declare dns declare dns
declare endpoint declare endpoint
declare filename
declare fwmark
declare host declare host
declare keep_alive declare keep_alive
declare mtu
declare name declare name
declare peer_private_key declare peer_private_key
declare peer_public_key declare peer_public_key
declare port declare port
declare post_down declare post_down
declare post_up declare post_up
declare pre_down
declare pre_shared_key declare pre_shared_key
declare pre_up
declare server_private_key declare server_private_key
declare server_public_key declare server_public_key
declare filename declare table
if ! bashio::fs.directory_exists '/ssl/wireguard'; then if ! bashio::fs.directory_exists '/ssl/wireguard'; then
mkdir -p /ssl/wireguard || mkdir -p /ssl/wireguard ||
@ -71,6 +76,12 @@ else
server_public_key=$(wg pubkey <<< "${server_private_key}") server_public_key=$(wg pubkey <<< "${server_private_key}")
fi fi
fwmark=$(bashio::config "server.fwmark")
mtu=$(bashio::config "mtu")
pre_down=$(bashio::config "server.pre_down")
pre_up=$(bashio::config "server.pre_up")
table=$(bashio::config "server.table")
# Post Up & Down defaults # Post Up & Down defaults
post_up="iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE" post_up="iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE"
post_down="iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE" post_down="iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE"
@ -107,10 +118,23 @@ fi
# Adds server port to the configuration # Adds server port to the configuration
echo "ListenPort = 51820" echo "ListenPort = 51820"
# Custom routing table
bashio::config.has_value "server.table" && echo "Table = ${table}"
# Pre up & down
bashio::config.has_value "server.pre_up" && echo "PreUp = ${pre_up}"
bashio::config.has_value "server.pre_down" && echo "PreDown = ${pre_down}"
# Post up & down # Post up & down
bashio::var.has_value "${post_up}" && echo "PostUp = ${post_up}" bashio::var.has_value "${post_up}" && echo "PostUp = ${post_up}"
bashio::var.has_value "${post_down}" && echo "PostDown = ${post_down}" bashio::var.has_value "${post_down}" && echo "PostDown = ${post_down}"
# fwmark for outgoing packages
bashio::config.has_value "server.fwmark" && echo "FwMark = ${fwmark}"
# Custom MTU setting
bashio::config.has_value "server.mtu" && echo "MTU = ${mtu}"
# End configuration file with an empty line # End configuration file with an empty line
echo "" echo ""
} >> "${CONFIG}" } >> "${CONFIG}"
@ -136,11 +160,11 @@ for peer in $(bashio::config 'peers|keys'); do
name=$(bashio::config "peers[${peer}].name") name=$(bashio::config "peers[${peer}].name")
config_dir="/ssl/wireguard/${name}" config_dir="/ssl/wireguard/${name}"
endpoint=$(bashio::config "peers[${peer}].endpoint")
fwmark=$(bashio::config "peers[${peer}].fwmark")
host=$(bashio::config 'server.host') host=$(bashio::config 'server.host')
port=$(bashio::addon.port "51820/udp") port=$(bashio::addon.port "51820/udp")
keep_alive=$(bashio::config "peers[${peer}].persistent_keep_alive")
pre_shared_key=$(bashio::config "peers[${peer}].pre_shared_key") pre_shared_key=$(bashio::config "peers[${peer}].pre_shared_key")
endpoint=$(bashio::config "peers[${peer}].endpoint")
# Create directory for storing client configuration # Create directory for storing client configuration
mkdir -p "${config_dir}" || mkdir -p "${config_dir}" ||
@ -221,6 +245,8 @@ for peer in $(bashio::config 'peers|keys'); do
&& echo "PrivateKey = ${peer_private_key}" && echo "PrivateKey = ${peer_private_key}"
echo "Address = ${addresses}" echo "Address = ${addresses}"
echo "DNS = ${dns}" echo "DNS = ${dns}"
bashio::config.has_value "peers[${peer}].fwmark" \
&& echo "FwMark = ${fwmark}"
echo "" echo ""
echo "[Peer]" echo "[Peer]"
echo "PublicKey = ${server_public_key}" echo "PublicKey = ${server_public_key}"